Blaise Pabon:
I have a question about the solution for the RBAC lab (attached)
• in the second block of apiGroups, why is there no resourceNames , like there is in the previous block?
Alistair Mackay:
The first rule is constraining the actions only to pod named dark-blua-app
The second rule is permitting creation of any deployment.
Having said that, the apiGroup of the first rule should be "" because pods is not in apiGroup apps